Heads Of State On NSO Spyware List

Uploaded on 2021-07-24 in INTELLIGENCE--International, FREE TO VIEW, TECHNOLOGY--Hackers

French President Emmanuel Macron leads a list of 14 current or former heads of state who may have been targeted for hacking by clients of the Israeli spyware firm NSO GroupPresident Macron has had to change his phone and phone number because Pegasus spyware, most probably targeted him, a French government official said. Ironically, Macron has recently held an emergency meeting on cyber security at the Élysée Palace. 

New evidence uncovered by a consortium of investigative journalists, collectively known as the 'Pegasus Project' has revealed that the phone numbers for heads of state, including President Macron, Pakistan’s Imran Khan and South Africa’s Cyril Ramaphosa, as well as hundreds of government officials, were selected as 'people of interest' by clients of spyware company NSO Group.  

Other potential targets found on a list of 50k phone numbers leaked to the charity Amnesty International include Barham Salih of Iraq, King Mohammed VI of Morocco and three current prime ministers, Imran Khan of Pakistan, Mustafa Madbouly of Egypt and Saad Eddine El Othmani of Morocco.

Amnesty International’s Security Lab has performed in-depth forensic analysis of numerous mobile devices from human rights defenders and journalists around the world. This research has uncovered widespread, persistent and ongoing unlawful surveillance and human rights abuses perpetrated using NSO Group’s Pegasus spywareThirty-seven phones identified in the Pegasus Project investigation were either breached or shows signs of attempted infection.

In Paris, the city's Prosecutor’s Office announced that it too was investigating the suspected widespread use of NSO’s military-grade Pegasus spyware to target journalists, human rights activists and politicians in multiple countries.

The Paris prosecutor’s office said in a statement that it opened an investigation into a raft of potential charges, including violation of privacy, illegal use of data and illegally selling spyware. As is common under French law, the investigation doesn’t name a suspected perpetrator but is aimed at determining who might eventually be sent to trial. It was prompted by a legal complaint by two journalists and investigative website Mediapart. An official in Macron’s office said authorities would investigate Le Monde’s report, and if the targeting is proven, it would be “extremely grave.”

Amnesty International’s Secretary General Agnes Callamard said: “The unprecedented revelation that the phones of at least fourteen heads of state may have been hacked using NSO Group’s Pegasus spyware should send a chill down the spine of world leaders... We have long known that activists and journalists are targets of this surreptitious phone-hacking – but it’s clear that even those at the highest levels of power cannot escape the sinister spread of NSO’s spyware." 

NSO Group can no longer hide behind the claim that its spyware is only used to fight crime, it appears that Pegasus is also the spyware of choice for those wanting to snoop on foreign governments, according to the claims of Pegasus Project invetigators.

“NSO Group must immediately stop selling its equipment to countries with a track record of putting human right defenders and journalists under unlawful surveillance...  The Israeli government should also not authorise licenses for the export of NSO Group’s cyber surveillance technology if there is a substantial risk it could be used for human rights violations.” Callamard, said in a statement.

Another company identified by Amnesty as hosting NSO servers was cloud computing dvelopment firm, DigitalOcean. When contacted by The Associated Press, DigitalOcean neither confirmed nor denied whether it had identified or cut off such servers. “All of the infrastructure outlined in the Amnesty report is no longer on DigitalOcean,” it said in an emailed statement.

The consortium’s findings significantly widen the scope of alleged abuses in which NSO Group has been implicated. Those include the surveillance of friends and relatives of journalist Jamal Khashoggi, who was killed inside the Saudi consulate in Istanbul in 2018, and highlight what critics call the urgent need to regulate global sales of commercial hacking tools. Leading French daily newspaper Le Monde said the phone numbers for Macron and other government members were among thousands allegedly selected by NSO clients for potential surveillance. In this case, the client was an unidentified Moroccan security service, according to Le Monde.

Consortium members said they were able to link more than 1,000 numbers in 50 countries on the list with individuals, including more than 600 politicians and government officials and 189 journalists. The largest share were in Mexico and the Middle East, where Saudi Arabia is reported to be among NSO clients. Also on the list were phone numbers in Azerbaijan, Kazakhstan, Pakistan, Morocco and Rwanda, as well as ones for several Arab royal family members, the consortium reported.

NSO Group has denied that it ever maintained “a list of potential, past or existing targets and Le Monde has quoted NSO as saying the French president was never targeted by its clients. The source of the leak  and how it was authenticated  has not been disclosed.

While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it was confident the data indicated potential targets of NSO’s government clients.

Multiple lawsuits by alleged victims have been filed against NSO Group including by Facebook over the Israeli firm’s alleged hacking of its WhatsApp application and investigations are under way to determine whether the spyware was actually installed on the phones or whether data was retrieved.

Amnesty International:    France24:   Washington Post:   Guardian:     Marketwatch:   

APNews:   Security Week:      Military.com:      

You Might Also Read: 

Wanted: An International Cyber Security Law

 

« IBM Watson In Demand
The State Of Cyber Security In Healthcare »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

AlgoSec

AlgoSec

The AlgoSec platform enables the world’s most complex organizations to gain visibility, reduce risk and process changes at zero-touch across the hybrid network.

Barracuda

Barracuda

Barracuda provides a comprehensive cybersecurity platform to protect organizations from all major attack vectors that are present in today’s complex threats.

CERT-EU

CERT-EU

CERT-EU is a permanent Computer Emergency Response Team for the EU institutions, agencies and bodies.

ISACA Conferences

ISACA Conferences

ISACA is dedicated to offering the most dynamic and inclusive conferences to keep you abreast of the latest advances in IT and Information Security.

TUV Sud

TUV Sud

TÜV SÜD is a leading technical service organisation. We specialize in testing, certification, auditing, training, and advisory services for different industries.

Dubex

Dubex

Dubex is Denmark's leading business-oriented IT security specialist.

Netteam

Netteam

Netteam designs, implements and services networking solutions for companies of all sizes.

idappcom

idappcom

idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences.

MicroEJ

MicroEJ

MicroEJ is a software vendor of cost-driven solutions for embedded and IoT devices.

Nassec

Nassec

Nassec is a Cyber Security firm dedicated to providing the best vulnerability management solutions. We offer tailor-made cyber security solutions based upon your requirements and nature of business.

BlueHalo

BlueHalo

BlueHalo is purpose-built to provide industry capabilities in the domains of Space Superiority and Directed Energy, Missile Defense and C4ISR, and Cyber and Intelligence.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.

CyberGate Technologies

CyberGate Technologies

CyberGate Technologies is a world-class, customer focus cyber security service and consultancy company operating the UK, Europe, Middle East, and Africa.

KingsGuard Solutions

KingsGuard Solutions

KingsGuard Solutions is a San Diego Cybersecurity company that specializes in complex and innovative security solutions for companies throughout Southern California.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Quantum Dice

Quantum Dice

Quantum Dice is an award-winning venture-backed spinout from Oxford University’s world-renowned quantum optics laboratory.